Skip to main content

Release Notes April 2023

Release Highlights:

Introducing the Communications Hub - a dedicated area for administrators or managers to easily customize and send templates for courses, lessons, assessments, and challenges to their users, based on the user’s role, course progress, team membership, and more. 

Templates can be customized from a default list to be in line with your goals and include detailed filtering for organizing and sending to users. 

Check it out here: Communications Hub


New Courses and Lessons

CSRF: Learn how to protect your web applications against Cross-site Request Forgery (CSRF) attacks! In our new course, you will understand how CSRF attacks work and learn about practical approaches for protecting against them. From synchronizer tokens to cookie-to-header, you'll explore various techniques for defending your application against malicious actors. We'll also cover inadequate approaches to CSRF protection and explain how to implement a defense-in-depth strategy to safeguard your web application. This essential lesson is for any web developer or security professional. CSRF.

SameSite Cookie Attribution: We have added a new lesson: SameSite Cookie Attribution to our "Front End Security Basics" course. In this lesson, you will learn what defines a SameSite Cookie Attribution, its three states, its risks, and its values. Most importantly, you will learn how you can prevent these risks in your application. SameSite Cookie Attribution.

Cryptographic Failures: Learn how incorrect use of cryptography or a lack thereof might lead to vulnerabilities such as sensitive data exposure.Cryptographic Failures.

Insecure Design: Learn about design risks and how to prevent them.Insecure Design.